Several vulnerabilities have been discovered in the Linux kernel that may lead to a denial of service, or privilege escalation. The Common Vulnerabilities and Exposures project identifies the following problems:

CVE-2009-1630

Frank Filz discovered that local users may be able to execute files without execute permission when accessed via an nfs4 mount.

Jan Beulich discovered an issue in Xen where local guest users may cause a denial of service (oops).

This update also fixes a regression introduced by the fix for CVE-2009-1184 in 2.6.26-15lenny3. This prevents a boot time panic on systems with SELinux enabled.

For the stable distribution (lenny), these problems have been fixed in version 2.6.26-15lenny3.

For the oldstable distribution (etch), these problems, where applicable, will be fixed in future updates to linux-2.6 and linux-2.6.24.

We recommend that you upgrade your linux-2.6 and user-mode-linux packages.

Note: Debian carefully tracks all known security issues across every linux kernel package in all releases under active security support. However, given the high frequency at which low-severity security issues are discovered in the kernel and the resource requirements of doing an update, updates for lower priority issues will normally not be released for all kernels at the same time. Rather, they will be released in a staggered or "leap-frog" fashion.

Upgrade instructions
--------------------

wget url will fetch the file for you
dpkg -i file.deb will install the referenced file.

If you are using the apt-get package manager, use the line for sources.list as given below: